Hello fellow Russian citizens,
Anybody use Chateau with 7.0.3/7.0.5 stable firmware? I experiencing issues with MTS Moscow VoWIFI. Port 4500 connection has xxx/0 bytes — in other words, IPSEC channel does not receive anything. Sometimes it does, sometimes not. I do not see a logic. Probably it’s a bug in firmware. MTS told me they are OK (of course, what else answer we may get from cell operator). No Fasttrack enabled, no strict firewall rules which filter this traffic.
I found it is NAT issue. Instead of creating mapping LAN_IP:4500 ↔ SERVER_IP:4500 Connections tab has two unrelated connections LAN_IP:4500 → SERVER_IP:4500 and SERVER_IP:4500 → PUBLIC_IP:4500. So, instead of passing traffic in NATted connection both connections are stalled due this. What’s the issue?
change udp and udp stream timeout to 1h.
drop connections from WAN that is not NAT’ed.
enable WMM and set priority 7 for udp/500 and udp/4500
works. wish there was VOWLAN helper just like SIP. to keep these connections alive.
MTS VoWiFi works for you on firmware 7.1.1? Moscow region?
It was issue with NAT and Bridge IP Firewall: NAT worked incorrectly. It was fixed in 7.2rc4.
UPD: no, not fixed.